- Description
- Microsoft Publisher Security Feature Bypass Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.3
- Impact score
- 5.9
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Microsoft Publisher Protection Mechanism Failure Vulnerability
- Exploit added on
- Sep 10, 2024
- Exploit action due
- Oct 1, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- nvd@nist.gov
- NVD-CWE-noinfo
- secure@microsoft.com
- CWE-693
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "1AC0C23F-FC55-4DA1-8527-EB4432038FB0"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "A719B461-7869-46D0-9300-D0A348DC26A5"
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "CB45982E-03C9-404B-BD22-2D096E561802"
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "03D5F104-880A-4FAF-938A-78DCE55AAD98"
}
],
"operator": "OR"
}
]
}
]